BreachExchange mailing list archives
Hacker claims breach of 50, 000 accounts from Wall Street IT recruiting firm
From: security curmudgeon <jericho () attrition org>
Date: Thu, 19 Jul 2012 15:56:37 -0500 (CDT)
---------- Forwarded message ---------- From: InfoSec News <alerts () infosecnews org> https://www.computerworld.com/s/article/9229336/Hacker_claims_breach_of_50_000_accounts_from_Wall_Street_IT_recruiting_firm By Jaikumar Vijayan Computerworld July 18, 2012 A hacker today claimed to have broken into ITWallStreet.com, a website for IT professionals who are seeking Wall Street jobs or working with Wall Street firms, and exposed highly detailed data belonging to tens of thousands of job applicants. As many as 12 data files containing detailed information on job applicants were publicly posted today after they had apparently been accessed from an ITWallStreet database by a hacker who's a member of a group called TeamGhostShell. A Computerworld inspection of the published data showed the first and last names, mailing addresses, email addresses, usernames, hashed passwords and phone numbers of what appear to be thousands of people who have applied for IT jobs with Wall Street firms. Many of the thousands of hashed passwords appear to have already been decrypted into their clear text form. The data dump included details such as salary and bonus expectations of the job seekers and even feedback on specific candidates. One of the published files, for instance, contained snippets of email exchanges presumably between recruiters and account managers discussing the viability of certain candidates for specific jobs. [...] _______________________________________________ Dataloss Mailing List (dataloss () datalossdb org) Archived at http://seclists.org/dataloss/ Unsubscribe at http://datalossdb.org/mailing_list Supporters: Risk Based Security (http://www.riskbasedsecurity.com/) Risk Based Security equips organizations with security intelligence, risk management services and on-demand security solutions to establish customized risk-based programs to address information security and compliance challenges. Tenable Network Security (http://www.tenable.com/) Tenable Network Security provides a suite of solutions which unify real-time vulnerability, event and compliance monitoring into a single, role-based, interface for administrators, auditors and risk managers to evaluate, communicate and report needed information for effective decision making and systems management.
Current thread:
- Hacker claims breach of 50, 000 accounts from Wall Street IT recruiting firm security curmudgeon (Jul 19)